NetFlow, monitorování IP toků a bezpečnost sítě

Title in English	NetFlow, IP flow monitoring and network security
Authors	VYKOPAL Jan
Year of publication	2009
Type	Article in Proceedings
Conference	Sborník příspěvků z 35. konference EurOpen.CZ, 4.-7. října 2009
MU Faculty or unit	Institute of Computer Science
Citation
Web	http://europen.cz/Anot/35/sbornik.pdf
Field	Informatics
Keywords	NetFlow; IP flow monitoring; network security
Description	NetFlow is a de-facto standard for network flow monitoring. This technology was originally developed by Cisco. Now it is open, described in RFCs and extended by world-wide community. This paper is focused on utilising long-lasting flow monitoring by computer security incident response team (CSIRT). We summarize our experience with development and operation at Masaryk university. Next, a necessary hardware and software infrastructure including open source applications is introduced.
Related projects:	CYBER - Security of Czech Army Information and Communication Systems - On-line Monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment